Citation
Abstract
Policy evaluation is a process to determine whether a request submitted by a user satisfies the access control policies defined by an organization. Naming heterogeneity between the attribute values of a request and a policy is common due to syntactic variations and terminological variations, particularly among organizations of a distributed environment. Existing policy evaluation engines employ a simple string equal matching function in evaluating the similarity between the attribute values of a request and a policy, which are inaccurate, since only exact match is considered similar. This work proposes several matching functions which are not limited to the string equal matching function that aim to resolve various types of naming heterogeneity. Our proposed solution is also capable of supporting symmetrical architecture applications, in which the organization can negotiate with the users for the release of their resources and properties that raise privacy concerns. The effectiveness of the proposed matching functions on real XACML policies, designed for universities, conference management, and the health care domain, is evaluated. The results show that the proposed solution has successfully achieved higher percentages of Recall and F-measure compared with the standard Sun’s XACML implementation, with our improvement, these measures gained up to 70% and 57%, respectively.
Download File
Full text not available from this repository.
Official URL or Download Paper: https://www.mdpi.com/2073-8994/13/12/2394
|
Additional Metadata
Item Type: | Article |
---|---|
Divisions: | Faculty of Computer Science and Information Technology |
DOI Number: | https://doi.org/10.3390/sym13122394 |
Publisher: | Multidisciplinary Digital Publishing Institute |
Keywords: | Access control policies; Policy evaluation; Naming heterogeneity; XACML |
Depositing User: | Ms. Nuraida Ibrahim |
Date Deposited: | 03 Apr 2023 07:52 |
Last Modified: | 03 Apr 2023 07:52 |
Altmetrics: | http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.3390/sym13122394 |
URI: | http://psasir.upm.edu.my/id/eprint/95825 |
Statistic Details: | View Download Statistic |
Actions (login required)
View Item |